The video from my “Self Healing Cloud” presentation from OWASP AppSec US in Minneapolis last year is now online:
The presentation discusses automatically generating “virtual patch” rules for IDS/IPS and WAF systems based on web application scanner results. We have been working on this technique for a while and have a lab set up to test and optimize our results. We have created a “hub-and-spoke” system for creating virtual patches for a variety of blocking technologies based on uploading results from most common commercial and open source web application vulnerabilitity scanning results.
The slides for the presentation are also online:
dan _at_ denimgroup.com